Vulnerability Description
ICQ 98 beta on Windows NT leaks the internal IP address of a client in the TCP data segment of an ICQ packet instead of the public address (e.g. through NAT), which provides remote attackers with potentially sensitive information about the client or the internal network configuration.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mirabilis | Icq | 98_beta |
References
- http://www.securityfocus.com/archive/1/11233Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/1398
- http://www.securityfocus.com/archive/1/11233Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/1398
FAQ
What is CVE-1999-1289?
CVE-1999-1289 is a vulnerability with a CVSS score of 7.5 (HIGH). ICQ 98 beta on Windows NT leaks the internal IP address of a client in the TCP data segment of an ICQ packet instead of the public address (e.g. through NAT), which provides remote attackers with pote...
How severe is CVE-1999-1289?
CVE-1999-1289 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-1999-1289?
Check the references section above for vendor advisories and patch information. Affected products include: Mirabilis Icq.